Update to new UI

metsma · metsma · commit 940a4dee3790 · 2024-12-06T14:07:19.000+02:00
Signed-off-by: Raul Metsma &lt;raul@metsma.ee&gt;
diff --git a/client/CDoc2.cpp b/client/CDoc2.cpp
@@ -274,6 +274,7 @@ namespace cdoc20 {
 					io->skip(padding(f.size));
 					if(!readHeader() || h.isNull() || !h.verify())
 						return {};
+					f.name = QString::fromUtf8(h.name.data(), std::min<int>(h.name.size(), int(strlen(h.name.data()))));
 					f.size = fromOctal(h.size);
 					for(const QByteArray &data: paxData.split('\n'))
 					{
@@ -495,7 +496,10 @@ CDoc2::CDoc2(const QString &path)
 
 CKey CDoc2::canDecrypt(const QSslCertificate &cert) const
 {
-	return keys.value(keys.indexOf(CKey(cert)));
+	auto key = keys.value(keys.indexOf(CKey(cert)));
+	if(key.unsupported || (!key.transaction_id.isEmpty() && cert.expiryDate() <= QDateTime::currentDateTimeUtc()))
+		return {};
+	return key;
 }
 
 bool CDoc2::decryptPayload(const QByteArray &fmk)
@@ -558,6 +562,7 @@ bool CDoc2::save(const QString &path)
 		if(!cdoc20::checkConnection())
 			return false;
 		QScopedPointer<QNetworkAccessManager,QScopedPointerDeleteLater> nam(CheckConnection::setupNAM(req, Settings::CDOC2_POST_CERT));
+		req.setRawHeader("x-expiry-time", QDateTime::currentDateTimeUtc().addMonths(6).toString(Qt::ISODate).toLatin1());
 		QEventLoop e;
 		QNetworkReply *reply = nam->post(req, QJsonDocument({
 			{QLatin1String("recipient_id"), QLatin1String(recipient_id.toBase64())},
@@ -598,7 +603,7 @@ bool CDoc2::save(const QString &path)
 					toVector(key.key), toVector(encrytpedKek));
 				recipients.push_back(cdoc20::Header::CreateRecipientRecord(builder,
 					cdoc20::Recipients::Capsule::RSAPublicKeyCapsule, rsaPublicKey.Union(),
-					toString(key.recipient), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
+					toString(key.toKeyLabel()), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
 				continue;
 			}
 
@@ -610,7 +615,7 @@ bool CDoc2::save(const QString &path)
 				rsaKeyServer.Union(), toString(key.keyserver_id), toString(key.transaction_id));
 			recipients.push_back(cdoc20::Header::CreateRecipientRecord(builder,
 				cdoc20::Recipients::Capsule::KeyServerCapsule, keyServer.Union(),
-				toString(key.recipient), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
+				toString(key.toKeyLabel()), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
 			continue;
 		}
 
@@ -638,7 +643,7 @@ bool CDoc2::save(const QString &path)
 				cdoc20::Recipients::EllipticCurve::secp384r1, toVector(key.key), toVector(ephPublicKeyDer));
 			recipients.push_back(cdoc20::Header::CreateRecipientRecord(builder,
 				cdoc20::Recipients::Capsule::ECCPublicKeyCapsule, eccPublicKey.Union(),
-				toString(key.recipient), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
+				toString(key.toKeyLabel()), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
 			continue;
 		}
 
@@ -651,7 +656,7 @@ bool CDoc2::save(const QString &path)
 			eccKeyServer.Union(), toString(key.keyserver_id), toString(key.transaction_id));
 		recipients.push_back(cdoc20::Header::CreateRecipientRecord(builder,
 			cdoc20::Recipients::Capsule::KeyServerCapsule, keyServer.Union(),
-			toString(key.recipient), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
+			toString(key.toKeyLabel()), toVector(xor_key), cdoc20::Header::FMKEncryptionMethod::XOR));
 	}
 
 	auto offset = cdoc20::Header::CreateHeader(builder, builder.CreateVector(recipients),
diff --git a/client/CryptoDoc.cpp b/client/CryptoDoc.cpp
@@ -38,6 +38,7 @@
 #include <QtCore/QRegularExpression>
 #include <QtCore/QThread>
 #include <QtCore/QUrl>
+#include <QtCore/QUrlQuery>
 #include <QtGui/QDesktopServices>
 #include <QtNetwork/QSslKey>
 #include <QtWidgets/QMessageBox>
@@ -250,6 +251,60 @@ void CKey::setCert(const QSslCertificate &c)
 	isRSA = k.algorithm() == QSsl::Rsa;
 }
 
+QHash<QString, QString> CKey::fromKeyLabel() const
+{
+	QHash<QString,QString> result;
+	if(!recipient.startsWith(QLatin1String("data:"), Qt::CaseInsensitive))
+		return result;
+	QString payload = recipient.mid(5);
+	QString mimeType;
+	QString encoding;
+	if(auto pos = payload.indexOf(','); pos != -1)
+	{
+		mimeType = payload.left(pos);
+		payload = payload.mid(pos + 1);
+		if(auto header = mimeType.split(';'); header.size() == 2)
+		{
+			mimeType = header.value(0);
+			encoding = header.value(1);
+		}
+	}
+	if(!mimeType.isEmpty() && mimeType != QLatin1String("application/x-www-form-urlencoded"))
+		return result;
+	if(encoding == QLatin1String("base64"))
+		payload = QByteArray::fromBase64(payload.toLatin1());
+	;
+	for(const auto &[key,value]: QUrlQuery(payload).queryItems(QUrl::FullyDecoded))
+		result[key.toLower()] = value;
+	if(!result.contains(QStringLiteral("type")) || !result.contains(QStringLiteral("v")))
+		result.clear();
+	return result;
+}
+
+QString CKey::toKeyLabel() const
+{
+	if(cert.isNull())
+		return recipient;
+	QDateTime exp = cert.expiryDate();
+	if(Settings::CDOC2_USE_KEYSERVER)
+		exp = std::min(exp, QDateTime::currentDateTimeUtc().addMonths(6));
+	auto escape = [](QString data) { return data.replace(',', QLatin1String("%2C")); };
+	QString type = QStringLiteral("ID-card");
+	if(auto t = SslCertificate(cert).type(); t & SslCertificate::EResidentSubType)
+		type = QStringLiteral("Digi-ID E-RESIDENT");
+	else if(t & SslCertificate::DigiIDType)
+		type = QStringLiteral("Digi-ID");
+	QUrlQuery q;
+	q.setQueryItems({
+		{QStringLiteral("v"), QString::number(1)},
+		{QStringLiteral("type"), type},
+		{QStringLiteral("serial_number"), escape(cert.subjectInfo("serialNumber").join(','))},
+		{QStringLiteral("cn"), escape(cert.subjectInfo("CN").join(','))},
+		{QStringLiteral("server_exp"), QString::number(exp.toSecsSinceEpoch())},
+	});
+	return "data:" + q.query(QUrl::FullyEncoded);
+}
+
 
 
 CryptoDoc::CryptoDoc( QObject *parent )
diff --git a/client/CryptoDoc.h b/client/CryptoDoc.h
@@ -43,6 +43,8 @@ class CKey
 	bool operator==(const CKey &other) const { return other.key == key; }
 
 	void setCert(const QSslCertificate &c);
+	QHash<QString, QString> fromKeyLabel() const;
+	QString toKeyLabel() const;
 
 	QByteArray key, cipher, publicKey;
 	QSslCertificate cert;
diff --git a/client/translations/en.ts b/client/translations/en.ts
@@ -151,6 +151,18 @@
         <source>Unsupported cryptographic algorithm or recipient type</source>
         <translation>Unsupported cryptographic algorithm or recipient type</translation>
     </message>
+    <message>
+        <source>Decryption is possible until:</source>
+        <translation>Decryption is possible until:</translation>
+    </message>
+    <message>
+        <source>Decryption has expired</source>
+        <translation>Decryption has expired</translation>
+    </message>
+    <message>
+        <source>ID-CARD</source>
+        <translation>ID-CARD</translation>
+    </message>
 </context>
 <context>
     <name>Application</name>
diff --git a/client/translations/et.ts b/client/translations/et.ts
@@ -151,6 +151,18 @@
         <source>Unsupported cryptographic algorithm or recipient type</source>
         <translation>Mittetoetatud krüptograafiline algoritm või adressaadi tüüp</translation>
     </message>
+    <message>
+        <source>Decryption is possible until:</source>
+        <translation>Dekrüpteerimine on võimalik kuni:</translation>
+    </message>
+    <message>
+        <source>Decryption has expired</source>
+        <translation>Dekrüpteerimine on aegunud</translation>
+    </message>
+    <message>
+        <source>ID-CARD</source>
+        <translation>ID-KAART</translation>
+    </message>
 </context>
 <context>
     <name>Application</name>
diff --git a/client/translations/ru.ts b/client/translations/ru.ts
@@ -151,6 +151,18 @@
         <source>Unsupported cryptographic algorithm or recipient type</source>
         <translation>Неподдерживаемый криптографический алгоритм или тип получателя</translation>
     </message>
+    <message>
+        <source>Decryption is possible until:</source>
+        <translation>Расшифровка возможна до:</translation>
+    </message>
+    <message>
+        <source>Decryption has expired</source>
+        <translation>Срок расшифровки истек</translation>
+    </message>
+    <message>
+        <source>ID-CARD</source>
+        <translation>ID-КАРТА</translation>
+    </message>
 </context>
 <context>
     <name>Application</name>
diff --git a/client/widgets/AddressItem.cpp b/client/widgets/AddressItem.cpp
@@ -21,9 +21,7 @@
 #include "ui_AddressItem.h"
 
 #include "CryptoDoc.h"
-#include "DateTime.h"
 #include "SslCertificate.h"
-#include "Styles.h"
 #include "dialogs/KeyDialog.h"
 
 using namespace ria::qdigidoc4;
@@ -46,27 +44,23 @@ AddressItem::AddressItem(CKey k, QWidget *parent, bool showIcon)
 	if(showIcon)
 		ui->icon->load(QStringLiteral(":/images/icon_Krypto_small.svg"));
 	ui->icon->setVisible(showIcon);
-	ui->name->setFont(Styles::font(Styles::Regular, 14, QFont::DemiBold));
-	ui->name->installEventFilter(this);
-	ui->idType->setFont(Styles::font(Styles::Regular, 11));
-	ui->idType->installEventFilter(this);
+	ui->name->setAttribute(Qt::WA_TransparentForMouseEvents, true);
+	ui->expire->setAttribute(Qt::WA_TransparentForMouseEvents, true);
+	ui->idType->setAttribute(Qt::WA_TransparentForMouseEvents, true);
+	if(!ui->key.unsupported)
+		setCursor(Qt::PointingHandCursor);
 
 	connect(ui->add, &QToolButton::clicked, this, [this]{ emit add(this);});
 	connect(ui->remove, &QToolButton::clicked, this, [this]{ emit remove(this);});
 
-	ui->add->setFont(Styles::font(Styles::Condensed, 12));
-	ui->added->setFont(ui->add->font());
-
-	ui->code = SslCertificate(ui->key.cert).personalCode().toHtmlEscaped();
-	ui->label = (!ui->key.cert.subjectInfo("GN").isEmpty() && !ui->key.cert.subjectInfo("SN").isEmpty() ?
-			ui->key.cert.subjectInfo("GN").join(' ') + " " + ui->key.cert.subjectInfo("SN").join(' ') :
-			ui->key.cert.subjectInfo("CN").join(' ')).toHtmlEscaped();
+	ui->code = SslCertificate(ui->key.cert).personalCode();
+	ui->label = !ui->key.cert.subjectInfo("GN").isEmpty() && !ui->key.cert.subjectInfo("SN").isEmpty() ?
+			ui->key.cert.subjectInfo("GN").join(' ') + ' ' + ui->key.cert.subjectInfo("SN").join(' ') :
+			ui->key.cert.subjectInfo("CN").join(' ');
 	if(ui->label.isEmpty())
-		ui->label = ui->key.recipient.toHtmlEscaped();
+		ui->label = ui->key.fromKeyLabel().value(QStringLiteral("cn"), ui->key.recipient);
 	setIdType();
 	showButton(AddressItem::Remove);
-	if(ui->key.unsupported)
-		ui->idType->setText(tr("Unsupported cryptographic algorithm or recipient type"));
 }
 
 AddressItem::~AddressItem()
@@ -85,37 +79,24 @@ void AddressItem::changeEvent(QEvent* event)
 	QWidget::changeEvent(event);
 }
 
-bool AddressItem::eventFilter(QObject *o, QEvent *e)
-{
-	if((o == ui->name || o == ui->idType) && e->type() == QEvent::MouseButtonRelease)
-	{
-		(new KeyDialog(ui->key, this))->open();
-		return true;
-	}
-	return Item::eventFilter(o, e);
-}
-
 const CKey& AddressItem::getKey() const
 {
 	return ui->key;
 }
 
-void AddressItem::idChanged(const CKey &key)
+void AddressItem::idChanged(const SslCertificate &cert)
 {
+	CKey key(cert);
 	ui->yourself = !key.key.isNull() && ui->key == key;
 	setName();
 }
 
-void AddressItem::idChanged(const SslCertificate &cert)
-{
-	idChanged(CKey(cert));
-}
-
 void AddressItem::initTabOrder(QWidget *item)
 {
 	setTabOrder(item, ui->name);
 	setTabOrder(ui->name, ui->idType);
-	setTabOrder(ui->idType, ui->remove);
+	setTabOrder(ui->idType, ui->expire);
+	setTabOrder(ui->expire, ui->remove);
 	setTabOrder(ui->remove, ui->added);
 	setTabOrder(ui->added, lastTabWidget());
 }
@@ -127,13 +108,14 @@ QWidget* AddressItem::lastTabWidget()
 
 void AddressItem::mouseReleaseEvent(QMouseEvent * /*event*/)
 {
-	(new KeyDialog(ui->key, this))->open();
+	if(!ui->key.unsupported)
+		(new KeyDialog(ui->key, this))->open();
 }
 
 void AddressItem::setName()
 {
 	ui->name->setText(QStringLiteral("%1 <span style=\"font-weight:normal;\">%2</span>")
-		.arg(ui->label, ui->yourself ? ui->code + tr(" (Yourself)") : ui->code));
+		.arg(ui->label.toHtmlEscaped(), (ui->yourself ? ui->code + tr(" (Yourself)") : ui->code).toHtmlEscaped()));
 	if(ui->name->text().isEmpty())
 		ui->name->hide();
 }
@@ -152,33 +134,53 @@ void AddressItem::stateChange(ContainerState state)
 
 void AddressItem::setIdType()
 {
-	ui->idType->setHidden(ui->key.cert.isNull());
-	if(ui->key.cert.isNull())
-		return;
-
-	QString str;
+	ui->expire->clear();
 	SslCertificate cert(ui->key.cert);
 	SslCertificate::CertType type = cert.type();
-	if(type & SslCertificate::DigiIDType)
-		str = tr("digi-ID");
+	if(ui->key.unsupported)
+	{
+		ui->label = tr("Unsupported cryptographic algorithm or recipient type");
+		ui->idType->clear();
+	}
+	else if(type & SslCertificate::DigiIDType)
+		ui->idType->setText(tr("digi-ID"));
 	else if(type & SslCertificate::EstEidType)
-		str = tr("ID-card");
+		ui->idType->setText(tr("ID-card"));
 	else if(type & SslCertificate::MobileIDType)
-		str = tr("mobile-ID");
+		ui->idType->setText(tr("mobile-ID"));
 	else if(type & SslCertificate::TempelType)
 	{
 		if(cert.keyUsage().contains(SslCertificate::NonRepudiation))
-			str = tr("e-Seal");
+			ui->idType->setText(tr("e-Seal"));
 		else if(cert.enhancedKeyUsage().contains(SslCertificate::ClientAuth))
-			str = tr("Authentication certificate");
+			ui->idType->setText(tr("Authentication certificate"));
 		else
-			str = tr("Certificate for Encryption");
+			ui->idType->setText(tr("Certificate for Encryption"));
+	}
+	else
+	{
+		auto items = ui->key.fromKeyLabel();
+		void(QT_TR_NOOP("ID-CARD"));
+		ui->idType->setText(tr(items[QStringLiteral("type")].toUtf8().data()));
+		if(QString server_exp = items[QStringLiteral("server_exp")]; !server_exp.isEmpty())
+		{
+			auto date = QDateTime::fromSecsSinceEpoch(server_exp.toLongLong(), Qt::UTC);
+			bool canDecrypt = QDateTime::currentDateTimeUtc() < date;
+			ui->expire->setProperty("label", canDecrypt ? QStringLiteral("good") : QStringLiteral("error"));
+			ui->expire->setText(canDecrypt ? QStringLiteral("%1 %2").arg(
+				tr("Decryption is possible until:"), date.toLocalTime().toString(QStringLiteral("dd.MM.yyyy"))) :
+				tr("Decryption has expired"));
+		}
+	}
+
+	if(!cert.isNull())
+	{
+		ui->expire->setProperty("label", QStringLiteral("default"));
+		ui->expire->setText(QStringLiteral("%1 %2").arg(
+			cert.isValid() ? tr("Expires on") : tr("Expired on"),
+			cert.expiryDate().toLocalTime().toString(QStringLiteral("dd.MM.yyyy"))));
 	}
 
-	if(!str.isEmpty())
-		str += QStringLiteral(" - ");
-	DateTime date(cert.expiryDate().toLocalTime());
-	ui->idType->setText(QStringLiteral("%1%2 %3").arg(str,
-		cert.isValid() ? tr("Expires on") : tr("Expired on"),
-		date.formatDate(QStringLiteral("dd. MMMM yyyy"))));
+	ui->idType->setHidden(ui->idType->text().isEmpty());
+	ui->expire->setHidden(ui->expire->text().isEmpty());
 }
diff --git a/client/widgets/AddressItem.h b/client/widgets/AddressItem.h
@@ -39,7 +39,6 @@ class AddressItem final : public Item
 	~AddressItem() final;
 
 	const CKey& getKey() const;
-	void idChanged(const CKey &cert);
 	void idChanged(const SslCertificate &cert) final;
 	void initTabOrder(QWidget *item) final;
 	QWidget* lastTabWidget() final;
@@ -48,7 +47,6 @@ class AddressItem final : public Item
 
 private:
 	void changeEvent(QEvent *event) final;
-	bool eventFilter(QObject *o, QEvent *e) final;
 	void mouseReleaseEvent(QMouseEvent *event) final;
 	void setName();
 	void setIdType();
diff --git a/client/widgets/AddressItem.ui b/client/widgets/AddressItem.ui
